Website Security News
Some weeks ago a critical unauthenticated privilege escalation vulnerability was discovered in old, unpatched versions of the wp-user-avatar plugin. It also allows for arbitrary file uploads, which is where we have been seeing the infections start. This plugin has over 400,000 installations so we have…
Read More about Vulnerable Plugin Exploited in Spam Redirect Campaign
Malicious redirect is a type of hack where website visitors are automatically redirected to some third-party website: usually it’s some malicious resource, scam site or a commercial site that buys…
Read More about WordPress Redirect Hack via Test0.com/Default7.com
We recently found an interesting phishing kit on a compromised website that has QR code capabilities, along with the ability to control the phishing page in real time. What our…
Read More about Real-Time Phishing Kit Targets Brazilian Central Bank
It’s not unusual to see website owners running things on a budget. Choosing a safe and reliable hosting company, buying a nice domain name, boosting posts on social media, and…
It’s not very often that we see abandoned components being used on a website — but when we do, it’s most often because the website was exhibiting malware-like behavior and…
Read More about The Dangers of Using Abandoned Plugins & Themes
In an effort to maintain unauthorized access or profit off a website’s environment long after an initial compromise, attackers commonly leverage a variety of different techniques and tactics. These techniques…
We have already shared examples of many kinds of malware that rely on an external gateway to receive or return data, such as different malware payloads. During a recent investigation,…
During malware analysis, we regularly find variations of this injected script on various compromised websites: . The variable “_0x446d” assigns hex encoded strings in different positions in the array. If…
Read More about Legacy Mauthtoken Malware Continues to Redirect Mobile Users
During a recent investigation, we found an infected website was redirecting to YouTube after its main index.php file had been modified to include the following line of HTML: <meta http-equiv=’refresh’…
Our free SiteCheck tool helps website owners remotely scan their website to detect malware infections, blacklisting status, website errors, and other anomalies. Scanning a website’s external HTML source code provides…
Malicious pop-ups and redirects have become two extremely common techniques used by attackers to drive traffic wherever they want. \ During a recent investigation, we came across an obfuscated pop-up…
